diff --git a/client/mod/toolbox.js b/client/mod/toolbox.js
index fe612ec0a..47d5d63c7 100644
--- a/client/mod/toolbox.js
+++ b/client/mod/toolbox.js
@@ -24,7 +24,7 @@ const ToolboxView = Backbone.View.extend({
 this.render();
 },
 render() {
- const specs = this.specs = [
+ let specs = this.specs = [
 'clearSelection',
 'spoilerImages',
 'deleteImages',
@@ -34,7 +34,7 @@ const ToolboxView = Backbone.View.extend({
 // Add aditional panel buttons by priveledge level
 if (main.ident.auth === 'dj')
- specs.push('djPanel')
+ specs = this.specs = ['djPanel']
 const accessLevels = [
 ['dj', ['toggleMnemonics']],
 ['moderator', ['lockThreads', 'ban']],
diff --git a/common/util.js b/common/util.js
index 84f0313f1..d1e6b92f2 100644
--- a/common/util.js
+++ b/common/util.js
@@ -458,7 +458,7 @@ exports.commaList = commaList;
 // Acertains client has the proper authorisation level or higher
 function checkAuth(type, ident) {
- const levels = ['janitor', 'dj', 'moderator', 'admin'];
+ const levels = ['dj', 'janitor', 'moderator', 'admin'];
 return levels.indexOf(type) <= levels.indexOf(ident.auth);
 }
 exports.checkAuth = checkAuth;
diff --git a/db.js b/db.js
index c6d1a4d14..6ea66030e 100644
--- a/db.js
+++ b/db.js
@@ -1181,11 +1181,10 @@ exports.Yakusoku = Yakusoku;
 class Reader extends events.EventEmitter {
 constructor(ident) {
 // Call the EventEmitter's constructor
- super();
- if (common.checkAuth('janitor', ident)) {
- this.canSeeModeration = true;
- this.canSeeMnemonics = common.checkAuth('dj', ident);
- }
+ super()
+ this.canSeeMnemonics = ident.auth === 'dj'
+ || common.checkAuth('moderator', ident)
+ this.canSeeModeration = common.checkAuth('janitor', ident)
 }
 get_thread(num, opts) {
 const key = 'thread:' + num;
diff --git a/server/persona.js b/server/persona.js
index f93a75139..5051dd9fc 100644
--- a/server/persona.js
+++ b/server/persona.js
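Review bot: In the second hunk of client/mod/toolbox.js, the `dj` branch now replaces the button list with `['djPanel']`, which only hides `clearSelection`, `spoilerImages` and `deleteImages` in the UI; nothing in this hunk restricts what a dj session may request. The handlers for those actions are outside this diff, so it is worth confirming that each one checks the role on the server rather than relying on the toolbox contents. A comment would make the intent explicit, e.g. `// DJs get only their own panel; server-side handlers still enforce this`. render() continues past the hunk, so how `accessLevels` is applied to `specs` afterwards is not visible here.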
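Review bot: `checkAuth` in common/util.js fails open when `type` is not in `levels`: `indexOf` returns -1 for it, and `-1 <= levels.indexOf(ident.auth)` is true for every caller, including one with no `auth` value at all. With the ladder being reordered here, a misspelt or retired role name at any call site would silently grant access instead of denying it. Reject unknown levels explicitly with `const need = levels.indexOf(type);` followed by `return need !== -1 && need <= levels.indexOf(ident.auth);`. The same ordering is also hard-coded, reversed, in the `_.find` list in server/persona.js, so the two lists have to be changed together.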
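Review bot: In the Reader constructor in db.js, `canSeeMnemonics` is decided by an exact match on `ident.auth === 'dj'` plus `checkAuth('moderator', ident)`, so a janitor is excluded even though the reordered ladder in common/util.js makes `checkAuth('dj', ident)` true for janitors. Any caller that gates mnemonics with `checkAuth('dj', ...)` will therefore disagree with the server; the `['dj', ['toggleMnemonics']]` entry in client/mod/toolbox.js looks like one, though how that table is evaluated is not shown in this diff. Add a comment stating the rule, for example `// Mnemonics: dj and moderator+, not janitor; dj does not see moderation`, and consider a shared helper so the exception lives in one place. The added lines also drop the trailing semicolons that the surrounding lines in this hunk use.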
@@ -69,8 +69,8 @@ function verify_auth(resp, packet) {
 if (packet.expires && packet.expires < Date.now())
 return respond_error(resp, 'Login attempt expired.');
- const email = packet.email;
- const auth = _.find(['admin', 'moderator', 'dj', 'janitor'], type =>
+ const {email} = packet
+ const auth = _.find(['admin', 'moderator', 'janitor', 'dj'], type =>
 config.staff[type] && email in config.staff[type])
 if (!auth) {
 winston.error("Login attempt by " + email);
diff --git a/server/render.js b/server/render.js
index c97b0693f..556f370dc 100755
--- a/server/render.js
+++ b/server/render.js
@@ -153,7 +153,7 @@ class RenderBase {
 // Make script loader load moderation bundle
 const {ident} = this.req;
- if (common.checkAuth('janitor', ident)) {
+ if (common.checkAuth('dj', ident)) {
 const keys = JSON.stringify(_.pick(ident, 'auth', 'csrf', 'email'));
 html += `var IDENT = ${keys};`;
 }
diff --git a/server/web/admin.js b/server/web/admin.js
index 7777b21c7..0954296f4 100644
--- a/server/web/admin.js
+++ b/server/web/admin.js
@@ -13,7 +13,7 @@ const router = module.exports = express.Router();
 router.get('/mod.js', function (req, res) {
 // Admin/Moderator privelege is injected on page render and verified
 // serverside. Thus, we can serve the same bundle for both admins and mods.
- if (!common.checkAuth('janitor', req.ident))
+ if (!common.checkAuth('dj', req.ident))
 return res.sendStatus(404);
 const modJS = resources.modJs;
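Review bot: The role precedence list in `verify_auth` in server/persona.js (`['admin', 'moderator', 'janitor', 'dj']`) is a second hand-maintained copy of the `levels` array in common/util.js, reversed, and this commit had to edit both. If they drift, an address listed under two roles is assigned a role that does not match the ladder `checkAuth` enforces. Deriving the list from one exported constant, or at least adding `// Highest privilege first; keep in sync with levels in common/util.js`, would avoid that. Separately, `email in config.staff[type]` also matches inherited keys if `config.staff[type]` is a plain object, so an own-property test such as `Object.prototype.hasOwnProperty.call(config.staff[type], email)` is the safer membership check. verify_auth starts and ends outside the hunk.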
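Review bot: The `IDENT` line in server/render.js interpolates the output of `JSON.stringify` straight into an inline script, and JSON encoding does not escape `<`, so a field value containing a closing script tag would end the script block early. The fields come from the server-side ident, so the real exposure depends on how `email` is validated upstream, which is not visible in this hunk. Escaping while building the string is cheap: `const keys = JSON.stringify(_.pick(ident, 'auth', 'csrf', 'email')).replace(/</g, '\\u003c');`. The enclosing method begins and ends outside the hunk.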
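Review bot: The comment above the `/mod.js` gate in server/web/admin.js still says the bundle is shared by admins and mods, but `checkAuth('dj', req.ident)` admits every staff level on the reordered ladder, dj and janitor included. Since the whole moderation bundle is served to the lowest role, the comment should state that the bundle carries no authority by itself and that each action is checked on the server. Suggested wording: `// The same bundle is served to every staff role (dj and up); the role is injected on page render and every action is verified server-side.` The route handler continues past the end of the hunk.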